There exists a need to transfer sensitive information, such as cryptographic keys, between entities. As one example, secure access solution providers often need to share cryptographic keys with their customers and vice versa in order that the solution provider can create customized credentials and/or readers for the customer.
Many methods of transferring cryptographic keys between entities are in current use. Most of the existing methods do not provide a high level of assurance that the key is neither copied nor changed in the process. For example, there are instances where a cryptographic key is written on a piece of paper and sent via postal or express delivery to the receiving entity. There are other instances where a key is sent via facsimile transmission or email from the sending entity to the receiving entity.
There are highly secure methods of transferring cryptographic keys between entities. As one example, a cryptographic key can be split into any number of parts (e.g., seven parts) in such a manner that some subset of the parts (e.g., four parts) are needed to reassemble the key. The parts, which are commonly referred to as key fragments, are written individually to different secure devices such as smart cards or Fortezza cards. Each of the cards are sent by different routes to the receiving entity. The receiving entity waits until the necessary subset of the total number of secure devices comprising all of the parts have arrived and combines the fragments on those devices to reconstruct the key. The total number of parts and subparts are variable.
It can be appreciated that the simple methods described above are relatively unsecure and the secure methods are relatively complex. It is not surprising then that many keys are transferred using unsecure methods. What is needed is a simple yet secure mechanism for transferring cryptographic keys and other sensitive information from one entity to another.